Senior Cyber Security Analyst - (Apply online only)pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite) Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance. We are looking for a SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (e.g., EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Oct 22, 2025
Contractor
Senior Cyber Security Analyst - (Apply online only)pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite) Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance. We are looking for a SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (e.g., EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
We are currently recruiting for Defence Associate Security Analysts with knowledge of Cyber security threats using SPLUNK and EDR (Endpoint Detection and Response) to join a great project for 3 months, that is ran by a Central Government Authority. The best thing about this opportunity is that you will have a great work-life balance with remote working , thus you will be able to organise your time up to your liking (2-3 days/ week in London office) Essential Experience: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience SPLUNK and EDR (Endpoint Detection and Response) Analytical, problem solving oriented MOD/DEFENCE - highly desirable SC Clearance - Candidates holding active SC will benefit of a quick start date What you will gain: Amazing rate for great affordability Remote working that you can spend less time travelling and enjoy some time at home Central Government Contrac t so you can improve prospects for future contracting Interviews will start as soon good candidates are available, if you are interested do not delay the response and forward you updated CV today. If you would like to discuss further about this opportunity or others in the UK Public Sector, please reach out (phone number removed) (extension 8144) and ask for Cristina Ghenu or you may email me at (url removed) Guaranteed Interview Scheme As a member of the GIS scheme, our client guarantees to interview all candidates who have a Disability/ or Veteran / or has a Military spouse/partner and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who meet all the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us on (url removed)
Oct 22, 2025
Contractor
We are currently recruiting for Defence Associate Security Analysts with knowledge of Cyber security threats using SPLUNK and EDR (Endpoint Detection and Response) to join a great project for 3 months, that is ran by a Central Government Authority. The best thing about this opportunity is that you will have a great work-life balance with remote working , thus you will be able to organise your time up to your liking (2-3 days/ week in London office) Essential Experience: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience SPLUNK and EDR (Endpoint Detection and Response) Analytical, problem solving oriented MOD/DEFENCE - highly desirable SC Clearance - Candidates holding active SC will benefit of a quick start date What you will gain: Amazing rate for great affordability Remote working that you can spend less time travelling and enjoy some time at home Central Government Contrac t so you can improve prospects for future contracting Interviews will start as soon good candidates are available, if you are interested do not delay the response and forward you updated CV today. If you would like to discuss further about this opportunity or others in the UK Public Sector, please reach out (phone number removed) (extension 8144) and ask for Cristina Ghenu or you may email me at (url removed) Guaranteed Interview Scheme As a member of the GIS scheme, our client guarantees to interview all candidates who have a Disability/ or Veteran / or has a Military spouse/partner and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who meet all the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us on (url removed)
Senior Cyber Security Analyst Location: London hybrid working IR35: Inside via Triumph Consultants you will be paid PAYE for the length of the 3 month contract It is essential for candidates to have advanced proficiency in using Splunk for security monitoring, log analysis, threat detection, and reporting The role: The Cyber Defence team at the delivers threat intelligence, threat detection, incident response, and vulnerability management to defend both internal IT infrastructure and citizen-facing services. They are looking for a Senior Cyber Security Analyst with proven experience in incident response and Splunk to take a leading role in strengthening the organisation's cyber defence capability. Key Accountabilities: Lead investigations into security alerts and cyber incidents. Perform forensic analysis of systems, files, network traffic, and cloud environments. Drive technical response actions including containment, eradication, and recovery. Coordinate cyber incident responses across teams and stakeholders. Identify lessons learned and embed continual improvement. Develop and update incident response playbooks and knowledge base articles. Act as an escalation point and mentor for security analysts. Provide leadership and line management within the team. Join the out-of-hours on-call rota to support 24/7 incident response. Key Criteria: 5+ years' experience investigating and responding to cyber incidents in large organisations. Strong track record with incident response coordination. Significant hands-on experience with Splunk and security tools (eg, EDR, SIEM). Analytical, problem-solving, and forensic investigation skills. Proven experience coaching or mentoring junior staff. Strong understanding of threat actor tools, techniques, and procedures. Experience of cloud environments such as AWS Excellent written and verbal communication skills. How to Apply Quote the Job Title and Reference Number in your application. Submit your CV in Word format. Applications are reviewed on a rolling basis-early submission is recommended. We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles. If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.
Oct 07, 2025
Contractor
Senior Cyber Security Analyst Location: London hybrid working IR35: Inside via Triumph Consultants you will be paid PAYE for the length of the 3 month contract It is essential for candidates to have advanced proficiency in using Splunk for security monitoring, log analysis, threat detection, and reporting The role: The Cyber Defence team at the delivers threat intelligence, threat detection, incident response, and vulnerability management to defend both internal IT infrastructure and citizen-facing services. They are looking for a Senior Cyber Security Analyst with proven experience in incident response and Splunk to take a leading role in strengthening the organisation's cyber defence capability. Key Accountabilities: Lead investigations into security alerts and cyber incidents. Perform forensic analysis of systems, files, network traffic, and cloud environments. Drive technical response actions including containment, eradication, and recovery. Coordinate cyber incident responses across teams and stakeholders. Identify lessons learned and embed continual improvement. Develop and update incident response playbooks and knowledge base articles. Act as an escalation point and mentor for security analysts. Provide leadership and line management within the team. Join the out-of-hours on-call rota to support 24/7 incident response. Key Criteria: 5+ years' experience investigating and responding to cyber incidents in large organisations. Strong track record with incident response coordination. Significant hands-on experience with Splunk and security tools (eg, EDR, SIEM). Analytical, problem-solving, and forensic investigation skills. Proven experience coaching or mentoring junior staff. Strong understanding of threat actor tools, techniques, and procedures. Experience of cloud environments such as AWS Excellent written and verbal communication skills. How to Apply Quote the Job Title and Reference Number in your application. Submit your CV in Word format. Applications are reviewed on a rolling basis-early submission is recommended. We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles. If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Oct 04, 2025
Full time
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Senior Cyber Security Analyst - Central Gov (Contract) Incident Response | Threat Detection | Forensics | SIEM The Cyber Defence team is hiring a Senior Cyber Security Analyst to lead on incident response and protect critical citizen-facing services. You'll: Investigate and respond to cyber incidents at scale Lead forensic analysis (systems, files, network, cloud) Coordinate containment, eradication & recovery actions Mentor Junior Analysts and shape IR playbooks Must have strong Splunk skills. Requirements: Strong incident response & cyber investigation experience Skilled with EDR/SIEM tools - splunk Deep knowledge of attacker TTPs Excellent problem solving & communication London | Competitive Day Rate | SC Clearance required | On-call rota
Oct 03, 2025
Contractor
Senior Cyber Security Analyst - Central Gov (Contract) Incident Response | Threat Detection | Forensics | SIEM The Cyber Defence team is hiring a Senior Cyber Security Analyst to lead on incident response and protect critical citizen-facing services. You'll: Investigate and respond to cyber incidents at scale Lead forensic analysis (systems, files, network, cloud) Coordinate containment, eradication & recovery actions Mentor Junior Analysts and shape IR playbooks Must have strong Splunk skills. Requirements: Strong incident response & cyber investigation experience Skilled with EDR/SIEM tools - splunk Deep knowledge of attacker TTPs Excellent problem solving & communication London | Competitive Day Rate | SC Clearance required | On-call rota
*Senior Cyber Security Analyst - £600-800pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite)* Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance. We are looking for a SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Oct 03, 2025
Contractor
*Senior Cyber Security Analyst - £600-800pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite)* Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance. We are looking for a SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
Oct 03, 2025
Contractor
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
SOC Manager required for innovative MSP. You will lead the strategic direction, performance, and day-to-day operations of their Security Operations Centre (SOC). As a central figure in security services, you'll ensure the efficient detection, analysis, and response to cyber threats across a diverse client portfolio. This leadership role involves mentoring your team, enhancing our security processes, and driving ongoing improvements in threat detection and incident response capabilities. Key Responsibilities Team Leadership & Development Lead and mentor a team of SOC analysts, fostering a collaborative, high-performing environment. Manage team scheduling, conduct performance reviews, and support professional growth and development. SOC Operations Oversight Supervise 24/7/365 monitoring of client environments, ensuring consistent adherence to SLAs for threat detection and incident response. Drive operational efficiency and ensure timely escalation and resolution of security incidents. Incident Response Management Serve as the main escalation point for significant security incidents. Coordinate response efforts and ensure clear communication with both internal teams and external clients. Process & Workflow Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness. Technology Oversight Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements. Reporting & Analytics Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports and insights to senior leadership and clients on security trends and incident management. Client Relationship Management Act as a trusted advisor to clients, contributing to service reviews and providing expert security guidance. Required Experience & Skills Proven experience working in a Security Operations Centre (SOC) or related cybersecurity environment. Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications. Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (eg, SQL, KQL). Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments. Excellent communication skills, both verbal and written, with the ability to translate technical information for non-technical audiences. Previous experience in an incident response role and a solid understanding of IR processes. Demonstrated experience leading or managing a security-focused team. Understanding of key security frameworks and standards, such as ISO 27001, NIST, and Crest.
Oct 02, 2025
Full time
SOC Manager required for innovative MSP. You will lead the strategic direction, performance, and day-to-day operations of their Security Operations Centre (SOC). As a central figure in security services, you'll ensure the efficient detection, analysis, and response to cyber threats across a diverse client portfolio. This leadership role involves mentoring your team, enhancing our security processes, and driving ongoing improvements in threat detection and incident response capabilities. Key Responsibilities Team Leadership & Development Lead and mentor a team of SOC analysts, fostering a collaborative, high-performing environment. Manage team scheduling, conduct performance reviews, and support professional growth and development. SOC Operations Oversight Supervise 24/7/365 monitoring of client environments, ensuring consistent adherence to SLAs for threat detection and incident response. Drive operational efficiency and ensure timely escalation and resolution of security incidents. Incident Response Management Serve as the main escalation point for significant security incidents. Coordinate response efforts and ensure clear communication with both internal teams and external clients. Process & Workflow Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness. Technology Oversight Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements. Reporting & Analytics Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports and insights to senior leadership and clients on security trends and incident management. Client Relationship Management Act as a trusted advisor to clients, contributing to service reviews and providing expert security guidance. Required Experience & Skills Proven experience working in a Security Operations Centre (SOC) or related cybersecurity environment. Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications. Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (eg, SQL, KQL). Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments. Excellent communication skills, both verbal and written, with the ability to translate technical information for non-technical audiences. Previous experience in an incident response role and a solid understanding of IR processes. Demonstrated experience leading or managing a security-focused team. Understanding of key security frameworks and standards, such as ISO 27001, NIST, and Crest.
